Amazon s3 S3失效后的政策文件是否依赖于存储桶?
我有直接的HTML发布到S3 bucket,用于bucket A。如果我保持所有代码完全相同,但替换并签署bucket B的策略,Amazon将返回InvalidPolicyDocument错误。bucket在接受已发布的对象之前是否需要启用或设置 提前谢谢! 本 另外,我已经在策略和上传URL中更改了bucket名称 pps。根据请求,我在Fiddler中跟踪了这两个请求。以下是请求和响应: 好的要求是: 请求:Amazon s3 S3失效后的政策文件是否依赖于存储桶?,amazon-s3,Amazon S3,我有直接的HTML发布到S3 bucket,用于bucket A。如果我保持所有代码完全相同,但替换并签署bucket B的策略,Amazon将返回InvalidPolicyDocument错误。bucket在接受已发布的对象之前是否需要启用或设置 提前谢谢! 本 另外,我已经在策略和上传URL中更改了bucket名称 pps。根据请求,我在Fiddler中跟踪了这两个请求。以下是请求和响应: 好的要求是: 请求: ------------ae0KM7cH2cH2cH2Ij5Ef1cH2Ef1a
------------ae0KM7cH2cH2cH2Ij5Ef1cH2Ef1ae0
Content-Disposition: form-data; name="Filename"
Blue hills.jpg
------------ae0KM7cH2cH2cH2Ij5Ef1cH2Ef1ae0
Content-Disposition: form-data; name="key"
uploads/${filename}
------------ae0KM7cH2cH2cH2Ij5Ef1cH2Ef1ae0
Content-Disposition: form-data; name="signature"
STJNaC3bFVXD9VSUPhId41yw5+w=
------------ae0KM7cH2cH2cH2Ij5Ef1cH2Ef1ae0
Content-Disposition: form-data; name="AWSAccessKeyId"
0WDZ435HNTSCJ306SXR2
------------ae0KM7cH2cH2cH2Ij5Ef1cH2Ef1ae0
Content-Disposition: form-data; name="acl"
private
------------ae0KM7cH2cH2cH2Ij5Ef1cH2Ef1ae0
Content-Disposition: form-data; name="success_action_status"
201
------------ae0KM7cH2cH2cH2Ij5Ef1cH2Ef1ae0
Content-Disposition: form-data; name="policy"
eydjb25kaXRpb25zJzogW3snYnVja2V0JzogJzB3ZHo0MzVobnRzY2ozMDZzeHIyLXRlc3QtYnVja2V0J30sIFsnc3RhcnRzLXdpdGgnLCAnJGtleScsICd1cGxvYWRzLyddLCBbJ3N0YXJ0cy13aXRoJywgJyRGaWxlbmFtZScsICcnXSwgeydhY2wnOiAncHJpdmF0ZSd9LCB7J3N1Y2Nlc3NfYWN0aW9uX3N0YXR1cyc6ICcyMDEnfV0sICdleHBpcmF0aW9uJzogJzIwMDktMDYtMTBUMTg6MTc6NTlaJ30=
------------ae0KM7cH2cH2cH2Ij5Ef1cH2Ef1ae0
Content-Disposition: form-data; name="file"; filename="Blue hills.jpg"
Content-Type: application/octet-stream
------------Ij5cH2cH2gL6gL6gL6Ij5Ij5GI3cH2
Content-Disposition: form-data; name="Filename"
Water lilies.jpg
------------Ij5cH2cH2gL6gL6gL6Ij5Ij5GI3cH2
Content-Disposition: form-data; name="policy"
eydjb25kaXRpb25zJzogW3snYnVja2V0JzogdScwd2R6NDM1aG50c2NqMzA2c3hyMi1tNGxiZXRhJ30sIFsnc3RhcnRzLXdpdGgnLCAnJGtleScsICd1cGxvYWRzLyddLCBbJ3N0YXJ0cy13aXRoJywgJyRGaWxlbmFtZScsICcnXSwgeydhY2wnOiAncHJpdmF0ZSd9LCB7J3N1Y2Nlc3NfYWN0aW9uX3N0YXR1cyc6ICcyMDEnfSwgeydDb250ZW50LVR5cGUnOiAnYXBwbGljYXRpb24vb2N0ZXQtc3RyZWFtJ31dLCAnZXhwaXJhdGlvbic6ICcyMDA5LTA2LTEwVDE4OjA5OjE0Wid9
------------Ij5cH2cH2gL6gL6gL6Ij5Ij5GI3cH2
Content-Disposition: form-data; name="key"
uploads/${filename}
------------Ij5cH2cH2gL6gL6gL6Ij5Ij5GI3cH2
Content-Disposition: form-data; name="signature"
u+pOKfpLrFaRhiP3lfTPbCyWl3I=
------------Ij5cH2cH2gL6gL6gL6Ij5Ij5GI3cH2
Content-Disposition: form-data; name="AWSAccessKeyId"
0WDZ435HNTSCJ306SXR2
------------Ij5cH2cH2gL6gL6gL6Ij5Ij5GI3cH2
Content-Disposition: form-data; name="acl"
private
------------Ij5cH2cH2gL6gL6gL6Ij5Ij5GI3cH2
Content-Disposition: form-data; name="success_action_status"
201
------------Ij5cH2cH2gL6gL6gL6Ij5Ij5GI3cH2
Content-Disposition: form-data; name="Content-Type"
application/octet-stream
------------Ij5cH2cH2gL6gL6gL6Ij5Ij5GI3cH2
Content-Disposition: form-data; name="file"; filename="Water lilies.jpg"
Content-Type: application/octet-stream
答复:
<?xml version="1.0" encoding="UTF-8"?>
<PostResponse><Location>http://0wdz435hntscj306sxr2-test-bucket.s3.amazonaws.com/uploads%2FBlue+hills.jpg</Location><Bucket>0wdz435hntscj306sxr2-test-bucket</Bucket><Key>uploads/Blue hills.jpg</Key><ETag>"6fb2a38dc107eacb41cf1656e899cf70"</ETag></PostResponse>
100
<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>InvalidPolicyDocument</Code><Message>Invalid Policy: Invalid JSON.</Message><RequestId>2D883FC8947547AC</RequestId><HostId>G1r2SCbd87UmmlOU0hSY3/VTGGXBEmXdLXoxaGt4GJjpELBVHXtjn6PSAPhufLAC</HostId></Error>
0
答复:
<?xml version="1.0" encoding="UTF-8"?>
<PostResponse><Location>http://0wdz435hntscj306sxr2-test-bucket.s3.amazonaws.com/uploads%2FBlue+hills.jpg</Location><Bucket>0wdz435hntscj306sxr2-test-bucket</Bucket><Key>uploads/Blue hills.jpg</Key><ETag>"6fb2a38dc107eacb41cf1656e899cf70"</ETag></PostResponse>
100
<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>InvalidPolicyDocument</Code><Message>Invalid Policy: Invalid JSON.</Message><RequestId>2D883FC8947547AC</RequestId><HostId>G1r2SCbd87UmmlOU0hSY3/VTGGXBEmXdLXoxaGt4GJjpELBVHXtjn6PSAPhufLAC</HostId></Error>
0
确保在操作URL和策略文档中都更改了bucket名称 更新 以下是这两种策略的Base64解码版本: 好
{
'conditions': [
{
'bucket': '0wdz435hntscj306sxr2-test-bucket'
},
['starts-with', '$key', 'uploads/'],
['starts-with', '$Filename', ''],
{
'acl': 'private'
},
{
'success_action_status': '201'
}
],
'expiration': '2009-06-10T18:17:59Z'
}
{
'conditions': [
{
'bucket': u'0wdz435hntscj306sxr2-m4lbeta'
},
['starts-with', '$key', 'uploads/'],
['starts-with', '$Filename', ''],
{
'acl': 'private'
},
{
'success_action_status': '201'
},
{
'Content-Type': 'application/octet-stream'
}
],
'expiration': '2009-06-10T18:09:14Z'
}
坏的
{
'conditions': [
{
'bucket': '0wdz435hntscj306sxr2-test-bucket'
},
['starts-with', '$key', 'uploads/'],
['starts-with', '$Filename', ''],
{
'acl': 'private'
},
{
'success_action_status': '201'
}
],
'expiration': '2009-06-10T18:17:59Z'
}
{
'conditions': [
{
'bucket': u'0wdz435hntscj306sxr2-m4lbeta'
},
['starts-with', '$key', 'uploads/'],
['starts-with', '$Filename', ''],
{
'acl': 'private'
},
{
'success_action_status': '201'
},
{
'Content-Type': 'application/octet-stream'
}
],
'expiration': '2009-06-10T18:09:14Z'
}
不知何故,一个额外的“u”卡在了错误策略的存储桶行中如果您使用一个“100%兼容”服务而不是原始S3,请检查策略中键的顺序,
过期
必须是第一位的(如中)。您能使用Fiddler跟踪这两个请求并发布结果吗?谢谢Bryce!额外的u表示unicode字符串,这是使用Google应用程序引擎时默认的Python字符串类型。在对策略进行编码之前,我可能必须使用str()将其转换为常规字符串。接得好!